IRIS Legacy

#!/usr/bin/env python3 """ Quick script to check OAuth token scopes """ import json from pathlib import Path TOKEN_FILE = Path("/tmp/iris_oauth_tokens.json") if not TOKEN_FILE.exists(): print("❌ Token file not found. Please login first at:") print(" https://trustypa.brainaihub.tech/") exit(1) with open(TOKEN_FILE) as f: tokens = json.load(f) print("=" * 70) print("🔐 OAUTH TOKEN ANALYSIS") print("=" * 70) for user_email, data in tokens.items(): print(f"\n📧 User: {user_email}") # Extract scopes scopes = data.get('scope', '').split() print(f"📊 Total scopes: {len(scopes)}") # Check critical scopes for user search critical_scopes = { 'User.Read': '✅' if 'User.Read' in scopes else '❌', 'User.Read.All': '✅' if 'User.Read.All' in scopes else '❌', 'User.ReadBasic.All': '✅' if 'User.ReadBasic.All' in scopes else '✅' if 'User.ReadBasic.All' in scopes else '❌', } # Check Bookings scopes bookings_scopes = { 'Bookings.Read.All': '✅' if 'Bookings.Read.All' in scopes else '❌', 'Bookings.ReadWrite.All': '✅' if 'Bookings.ReadWrite.All' in scopes else '❌', 'Bookings.Manage.All': '✅' if 'Bookings.Manage.All' in scopes else '❌', } print("\n🔍 Critical Scopes (User Operations):") for scope, status in critical_scopes.items(): print(f" {status} {scope}") print("\n📅 Bookings Scopes:") for scope, status in bookings_scopes.items(): print(f" {status} {scope}") print("\n📋 All Scopes:") for i, scope in enumerate(sorted(scopes), 1): print(f" {i:2}. {scope}") # Token expiry expires_at = data.get('expires_at', 0) if expires_at: from datetime import datetime expires_dt = datetime.fromtimestamp(expires_at) now = datetime.now() remaining = expires_dt - now minutes = int(remaining.total_seconds() / 60) print(f"\n⏰ Token expires in: {minutes} minutes") print("\n" + "=" * 70) # Check if user search will work all_tokens = list(tokens.values()) if all_tokens: first_token = all_tokens[0] scopes = first_token.get('scope', '').split() has_user_read_all = 'User.Read.All' in scopes has_user_readbasic = 'User.ReadBasic.All' in scopes if has_user_read_all or has_user_readbasic: print("✅ USER SEARCH SHOULD WORK!") print(" Token has sufficient permissions for /users endpoint") else: print("⚠️ USER SEARCH MAY FAIL") print(" Missing User.Read.All or User.ReadBasic.All scope") print(" Current user-related scopes:") for scope in scopes: if 'User' in scope or 'People' in scope: print(f" - {scope}") print("=" * 70)